Association for Information Systems
AIS Electronic Library (AISeL)
MWAIS 2010 Proceedings
Midwest (MWAIS)
5-2010
Moderating Role of Perceived Health Status on
Privacy Concern Factors and Intentions to Transact
with High versus Low Trustworthy Health
Websites
Gaurav Bansal
University of Wisconsin - Green Bay, [email protected]
Rebecca Davenport
University of Wisconsin - Green Bay, [email protected]
Follow this and additional works at: http://aisel.aisnet.org/mwais2010
Recommended Citation
Bansal, Gaurav and Davenport, Rebecca, "Moderating Role of Perceived Health Status on Privacy Concern Factors and Intentions to
Transact with High versus Low Trustworthy Health Websites" (2010). MWAIS 2010 Proceedings. 7.
http://aisel.aisnet.org/mwais2010/7
This material is brought to you by the Midwest (MWAIS) at AIS Electronic Library (AISeL). It has been accepted for inclusion in MWAIS 2010
Proceedings by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contact [email protected].
Health Status and Health Information Privacy Concern
Bansal and Davenport
Moderating Role of Perceived Health Status on
Privacy Concern Factors and Intentions to Transact
with High versus Low Trustworthy Health Websites
Gaurav Bansal
University of Wisconsin - Green Bay
[email protected]
Rebecca Davenport
University of Wisconsin - Green Bay
[email protected]
ABSTRACT
Prior research suggests four privacy concern factors namely 1) collection, 2) unauthorized secondary use, 3)
improper access and 4) errors in handling one’s information. This research investigates the moderating role of
perceived health status on the relationship between health information privacy concern factors and one’s intentions
to transact with high trust websites (offering no discount) versus low trust websites (offering high discount). We use
Utility Theory to argue that privacy concern factors and perceived health status impact one’s preference of trust over
discount. This is the first study, in our knowledge, to examine the impact of perceived health status in this setting. It
is also an early attempt to investigate the relative role of the privacy concern factors. On theoretical side the study
thus adds to the privacy-trust literature, and also contributes to the health information systems area. The study has
practical implications by showing that the well known and lesser known health websites need to follow different
strategies in order to win over their users’ business. Moreover, their strategy needs to be different depending upon
the perceived health status of their users.
Keywords
Health information privacy concern, privacy concern factors, trust, perceived health status
INTRODUCTION
Research suggests that people are concerned for the privacy of their health information (Westin 2006). Health
information is generally considered more sensitive than demographics and contact information (Bansal et al. 2008;
Malhotra et al. 2004). People are concerned that once the health information is out, it is out, and cannot be made
secret again (Rindfleisch 1997). People “worry that the risk of sensitive medical information falling into the wrong
hands — such as those at insurance companies, employers, drug companies and marketers — is too great”
(USAToday.com 2008). Moreover, unhealthy people have more reasons to be wary of their health information
privacy. Those who perceived their health to be “poor” are more sensitive about their health information (Bansal et
al. 2010).
LITERATURE REVIEW AND THEORY
Privacy concern has been defined as the degree of control one has over one’s information (Bansal et al. 2010). Smith
et al. (1996) identified four dimensions of privacy concern namely: (a) collection, (b) unauthorized secondary use,
(c) unauthorized access, and (d) errors. Stewart and Segars (2002) later established privacy concern as a second
order construct with the four first order factors. Malhotra et al. (2004) have also analyzed the privacy - trust
relationships modeling privacy as a second order construct. However, till date the individual examination of the
privacy concern factors is rare. This paper attempts to fill that void by examining the relative role of privacy concern
factors on preference of trust over discount. Table 1 briefly defines the privacy concern factors.
Collection Concern
Collecting too much information on the users
Secondary Use Concern
Usage of the user information for other purposes, without the users’
approval
Improper Access Concern
Unauthorized access to the user information
Errors Concern
Errors in the user information
Table 1. Definition of the Privacy Concern Factors (Smith et al. 1996)
Proceedings of the Fifth Midwest Association for Information Systems Conference, Moorhead, MN May 21-22, 2010
1
Health Status and Health Information Privacy Concern
Bansal and Davenport
Utility Theory suggests that individuals tend to maximize overall utility of the transaction and that these decisions
are a function of one’s personal dispositions. Relying on Utility Theory, Bansal et al. (2010) argued that disclosing
health information online is a disutility. Privacy concerns enhance this disutility whereas trust in the website reduces
this disutility. They showed that the perceived disutility is a function of one’s personal dispositions. In the same vein
it could be argued that those who have high perceived disutility with disclosing health information online would be
willing to pay premium in order to transact with a trustworthy website and those who have low perceived disutility
would be willing to trade for discount over trust. Perceived poor health status would arguably heighten the disutility
associated with the health information disclosure. Thus,
Hypothesis1. Concerns related to collection of private health information are positively associated with intention to
transact with higher trust website.
Hypothesis2. Concerns related to unauthorized secondary use of private health information are positively associated
with intention to transact with higher trust website.
Hypothesis3. Concerns related to improper access to private health information are positively associated with
intention to transact with higher trust website.
Hypothesis4. Concerns related to errors in handling of private health information are positively associated with
intention to transact with higher trust website.
Hypothesis5. Perceived poor health status will positively moderate the relationship between collection privacy
concerns related to private health information and intention to transact with higher trust website, such that those with
higher poor health status will have higher intentions to transact with trust websites.
Hypothesis6. Perceived poor health status will positively moderate the relationship between unauthorized secondary
use privacy concerns related to private health information and intention to transact with higher trust website, such
that those with higher poor health status will have higher intentions to transact with trust websites.
Hypothesis7. Perceived poor health status will positively moderate the relationship between improper access
privacy concerns related to private health information and intention to transact with higher trust website, such that
those with higher poor health status will have higher intentions to transact with trust websites.
Hypothesis8. Perceived poor health status will positively moderate the relationship between errors privacy concerns
related to private health information and intention to transact with higher trust website, such that those with higher
poor health status will have higher intentions to transact with trust websites.
Collection
H1
Unauthorized
Secondary Use
Improper
Access
H2
Preference
of Trust
over
Discount
H3
H4
H6
H8
Errors
H5
H7
Controls:
Perceived
Poor
Health Status
Financial Status
Figure 1. The Research Model
RESEARCH METHODOLOGY
Participants were students in a Midwestern university. The participants were asked to respond to a scenario
description. The scenario asked the participants to assume that they want to buy vitamins which suit their medical
Proceedings of the Fifth Midwest Association for Information Systems Conference, Moorhead, MN May 21-22, 2010
2
Health Status and Health Information Privacy Concern
Bansal and Davenport
condition. There are 11 websites selling the vitamins. The participants were told the following. (1) The websites
ranged from low trust (offering high discount) to high trust (offering no discount). (2) The websites have been
evaluated for their level of trust by customers who have used them in the past. (3) All the vitamin websites have the
same level of product and service quality and the differentiating points are trust and discount alone. (4) All the
vitamin websites require that the user pay through an escrow service (e.g., PayPal). (5) They all need the user to
provide them with one’s health information such as medical history, health status, medications, health and fitness
level, addictions etc., in order for them to customize the type of vitamin that would work for the user.
Next, the participants were quizzed on the scenario description to make sure that they understood the same.
The scenario grid of 11 websites followed next. The participants were asked to choose the website they would intend
to do transaction with. They then filled out the instrument online. The instrument was developed using existing
items. Privacy concern items were adapted from Smith et al. (1996) and Malhotra et al. (2004). Perceived health
status and financial status items were adapted from Bansal et al. (2010). A total of 245 observations were collected.
25 did not complete the survey. Another 30 were deleted because they failed the scenario quiz. A total of 190 usable
observations were collected. There were 83 males, and 106 females. One participant chose not to disclose his/her
gender. Average age was 21.73 years (std dev = 5.22). Minimum was 18 and highest was 52, all 190 responded to
the age question. The participants had on average 10.11 (std dev = 3.41) years of internet experience.
Table 1. Instrument (All items were measured on a continuous 11-point semantic differential scale)
DATA ANALYSIS
We performed the data analysis as suggested by Ray et al. (2005). All the multivariate variables were estimated by
Variable type
Dependent variable (0: low trust & high
discount to 10: high trust & low discount)
Independent variable (1 to 11)
Control variable (1 to 11)
Variable
Name
Health: Trust
over discount
Number of
items
Mean
Standard
deviation
Cronbach
alpha
1
7.841
2.590
-
Collection
Secondary
use
Improper
access
2
7.324
2.702
0.912
3
7.948
2.687
0.959
2
6.115
2.381
0.868
Errors
2
5.710
2.220
0.943
Health status
2
9.071
1.390
0.728
Fin. status
1
6.660
1.821
-
Table 2. Variable Mean, Standard Deviation and Reliability
Proceedings of the Fifth Midwest Association for Information Systems Conference, Moorhead, MN May 21-22, 2010
3
Bansal and Davenport
Health Status and Health Information Privacy Concern
averaging the item scores for the variable. We first examined the reliability of the items using Cronbach alpha (table
2). The values were greater than 0.70 and indicate adequate reliability. We next examined the convergent and
discriminant validity using the exploratory factor analysis. The items had high loadings greater than 0.83 on the
intended factors. No cross loadings greater than 0.40 were found. This suggests that the items possess adequate
discriminant and convergent validity.
Ordinary least squares (OLS) regression analysis was used to test the hypotheses. The data were analyzed
with the help of 6 separate models as shown in Table 3. Model 1 tests the direct effects of privacy concern factors on
preference of transacting with trust websites over discount websites. The contingency hypotheses were tested in
several different models (Model 2 - Model 6) to alienate the possible effect of multicolinearity which could arise due
to the presence of several interaction terms (Ray et al. 2005). Interaction terms were formed by first centering the
main variables which were obtained by subtracting the sample mean value from each observation, and then
multiplying the centered moderator variable (health status) with centered variables for the 4 privacy concern factors.
Ray et al. (2005) suggested that centering reduces multicolinearity without affecting the coefficient of the interaction
term itself. We deleted one observation which was disturbing the normality of the residuals. We compared models
with full 190 and 189 observations, and found that the model with 190 observations was providing us with weak
support (at p < .10) for H5 (related to moderating role of health status on collection and trust) in the full model
(model 6) but not in the model 2 (as shown in table 5 below). We also carried out subgroup analysis for collection
and health status by binning them into high (factor scores > 0.5) and low (factor scores < -0.5) groups. The analysis
is summarized in the Results section. The results with remaining 189 observations are given in the Table 3 and
average coefficients across all models (with 189 observations) are summarized in Figure 3. The residuals for all of
the models (with 189 observations) satisfied distributional assumptions. Variance inflation factors (VIF) were also
consistently low as reported in table 3.
RESULTS
The 6 models on average explained 24.52% of the variance in the trust-over discount variable. In terms of direct
hypotheses, H1 related to collection and H4 related to error were supported and H2 related to secondary usage was
not supported. Interestingly, H3 related to improper access was found to have negative impact implying the
preference of discount over trust. In terms of contingency hypothesis, H6 related to the moderating impact of poor
health status on secondary use concern and trust-over-discount was significant but with negative sign. Other
contingency hypotheses H5, H7 and H8 were not significant. The control variable financial status was significant in
all the models.
The subgroup analysis of collection concerns and poor health status reveals an interesting story as well
(Figure 2). Even though the hypothesis was not supported in any of the models with 189 observations, the subgroup
analysis reveals that the poor health status indeed impacts the collection concerns differently. Poor health status
positively moderates the impact of high collection concerns on preference of trust over discount; and it negatively
moderates the impact of low collection concerns on preference of trust over discount.
Figure 2.Post hoc analysis of the moderating impact of health status on collection concerns
Proceedings of the Fifth Midwest Association for Information Systems Conference, Moorhead, MN May 21-22, 2010
4
Health Status and Health Information Privacy Concern
Bansal and Davenport
Table 3. Results of Regression Analysis
Abbreviations:
*** p < .001
** p < .01
* p < .05
Collection
H1
.35***
Unauthorized
Secondary Use
Improper
Access
H2
.06
Preference
of Trust
over
Discount
H3
-.19*
H4
.17*
H6
-.09*
Errors
H5
.03
H7
-.03
H8
.05
Controls:
Perceived
Poor
Health Status
Financial Status
(.29**)
Figure 3. Results
Proceedings of the Fifth Midwest Association for Information Systems Conference, Moorhead, MN May 21-22, 2010
5
Bansal and Davenport
Health Status and Health Information Privacy Concern
DISCUSSION AND CONCLUSION
There are a couple of interesting findings from this paper. In the direct hypotheses, we found that secondary use
concern played no significant role and that improper access had negative impact on the choice between trust over
discount. These two findings could be attributed to the privacy protection provided to the users’ health information
by HIPAA. Other reason for the negative role of improper access could be higher perceived likelihood of improper
access of the user’s health information stored with the trustworthy companies than with the lesser known companies.
With the news about hacking of Google, Citibank, Pentagon, and many other well known entities, people in general
have become nervous about the increased interests of the hackers in attacking the known and reputable companies
and the companies’ limited ability to safeguard the users’ information.
It appears that people are looking for protection in lieu of their concerns. Tying back to the HIPAA
protection, we can now group these concerns into explicitly protected and implicitly protected. People probably feel
that HIPAA explicitly protects them from secondary use and improper access. Due to this explicit protection by
HIPAA, people do not feel the urge to spend more money than they have to in order to overcome their secondary
use and improper access concerns. But they still feel unprotected for collection and error concerns for which they
probably rely on the implicit protection via trust in the company’s website.
The posthoc subgroup finding that health status impacts the relationship between collection and trust is
different for individuals with high versus low collection concerns. This observation signals that their joint impact
was probably nullified and hence no overall significant result was observed. However, the separate group analysis
reflects that the poor health status pushes high collection concern people more towards trust, and pushes the low
collection concern people towards discount. This again is an interesting finding and should be further analyzed.
In terms of theoretical contribution of this study, it is the first study, in our knowledge, to examine the
relative impact of the privacy concern factors on intentions of transacting with high versus low -trustworthy health
websites. It is also amongst the first to examine the role of health status in such setting. It suggests that not all
privacy factors behave in the same way when it comes to choice between high and low- trustworthy health websites.
This paper gives birth to another question. Is the negative impact of improper access due to HIPAA
protection or due to the higher perceived likelihood of improper access of the user’s health information stored with
the well known companies than with the lesser known companies? Future research should examine this question as
well as the role of privacy concern factors in different contexts and with different population sets to enhance the
generalizability of the findings.
This paper suggests that the well known and lesser known health websites need to follow different
strategies in order to win over their clients’ business. Moreover, their strategy needs to be different depending upon
the perceived health status of their users. One impression is that companies need to assure their users about
collection and error concerns, in particular, because findings of this study suggest that the users are willing to pay a
premium in lieu of protection against these two concerns.
REFERENCES
1. Bansal, G., Zahedi, F. M. and Gefen, D. (2008) The Moderating influence of privacy concern on the efficacy of
privacy assurance mechanisms for building trust: A multiple-context investigation, in the proceedings of the
International Conference on Information Systems, Paris.
2. Bansal, G., Zahedi, F. M. and Gefen, D. (2010) The impact of personal dispositions on information sensitivity,
privacy concern and trust in disclosing health information online, Decision Support Systems, forthcoming.
3. Malhotra, N. K., Kim, S. S., and Agarwal, J. (2004) Internet users’ information privacy concerns (IUIPC): The
construct, the scale, and a causal model, Information Systems Research, 15, 4, 336-355.
4. Ray, G., Muhanna, W. A. and Barney, J.B. (2005) Information technology and the performance of the customer
service process: A resource-based analysis, MIS Quarterly, 29, 4, 625-652.
5. Rindfleisch, T. C. Privacy, information technology, and healthcare. Com. of ACM, 40, 8, 1997, 93-100
6. Smith, H. J., Milberg, S. J. and Burke, S. J. (1996) Information privacy: Measuring individuals' concerns about
organizational practices, MIS Quarterly, 20, 2, 167-196.
7. Stewart, K. A., and Segars, A.H. (2002) An empirical examination of the concern for information privacy
instrument, Information Systems Research, 13, 1, 36-49.
8. USA Today.com “Google plan for medical info raises privacy issues” 2/22/2008 (last accessed 3/15/2010).
9. Westin, A. F. (2006) Improving access and protecting privacy, in Connecting Americans to their Health Care,
http://www.phrconference.org/conf_resources/presentations/dec7/improving_access.pdf (last accessed March 12,
2010)
Proceedings of the Fifth Midwest Association for Information Systems Conference, Moorhead, MN May 21-22, 2010
6